<?php

include_once F_SOURCE . 'user/user.model.class.php';
include_once F_SOURCE . 'group/group.model.class.php';

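/**
 * Controller for user login, logout and password change.
 *
 * Session keys written here (all under $_SESSION['ads']):
 *   - 'loginAllowed' : set to 1 after a successful login
 *   - 'user'         : the user record returned by userModel::checkLogin()
 *   - 'resource'     : the unserialized groupAction of the user's group
 *
 * NOTE(review): passwords are stored and compared as unsalted MD5. MD5 is a
 * fast hash, so a leaked user table can be brute-forced cheaply. Moving to
 * password_hash()/password_verify() requires migrating the stored values and
 * is therefore not done inside this class.
 *
 * @author Dean
 *
 */
class loginCtrl extends Ctrl{
	
	/**
	 * Render the login page.
	 */
	public function show() {
		$view = new View();
		$view->display(array(), 'login.html');
	}
	
	/**
	 * Render the profile page of the user stored in the session.
	 */
	public function view(){
		$view = new View();

		$data = array(
			// null when nobody is logged in (same value as before, without the notice)
			'obj' => isset($_SESSION['ads']['user']) ? $_SESSION['ads']['user'] : null,
			'op_select' => array('user'=>"class=select")
		);
		
		$view->display($data, 'login_view.html');
	}
	
	/**
	 * Check the posted credentials and, on success, establish the login session.
	 *
	 * Reads $_POST['username'] and $_POST['password'], echoes a
	 * "true@@<redirect>" or "false@@<message>" string and terminates the request.
	 */
	public function check() {
		// Missing or non-string fields are treated as empty strings.
		$rawUsername = (isset($_POST['username']) && is_string($_POST['username'])) ? $_POST['username'] : '';
		$password = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';
		
		// NOTE(review): addslashes() is kept because checkLogin() is not visible
		// here and may build its query from this string. It is not a reliable
		// SQL escape (it ignores the connection charset); checkLogin() should
		// bind the value as a query parameter instead.
		$username = addslashes($rawUsername);
		
		// The password is hashed, never placed in a query, so it must not be
		// escaped: updatepwd() stores md5() of the raw value, and escaping here
		// made any password containing a quote, backslash or NUL fail to match.
		$userModel = new userModel();
		$userInfo = $userModel->checkLogin($username);
		if (!is_object($userInfo)) {
			// NOTE(review): a separate "no such user" reply lets a client
			// enumerate valid account names; consider one generic message.
			echo 'false@@该用户不存在！请确认后在输入！';
			exit();
		}
		
		// Strict comparison: with == two different digests of the form
		// "0e<digits>" are both read as the number 0 and compare equal.
		if ((string)$userInfo->pwd !== md5($password)) {
			echo 'false@@用户密码错误！请确认后在输入！';
			exit();
		}
		
		// Issue a fresh session id at the privilege change so an id known
		// before login (session fixation) is not carried into the
		// authenticated session.
		session_regenerate_id(true);
		
		$_SESSION['ads']['loginAllowed'] = 1;
		$_SESSION['ads']['user'] = $userInfo;
		
		// Drop permissions left over from an earlier login in this session;
		// they would otherwise survive when the new user's group is not found.
		unset($_SESSION['ads']['resource']);
		
		$groupModel = new groupModel();
		$groupInfo = $groupModel->findOne($userInfo->groupID);
		if (is_object($groupInfo)) {
			// NOTE(review): unserialize() instantiates whatever classes the
			// payload names, so write access to groupAction becomes object
			// injection. Prefer JSON for this column, or pass
			// array('allowed_classes' => false) once the code runs on PHP 7+.
			$_SESSION['ads']['resource'] = unserialize($groupInfo->groupAction);
		}
		
		echo 'true@@index.php?do=main.show';
		exit();
	}
	
	/**
	 * Log the current user out and return to the entry page.
	 */
	public function logout(){
		// session_destroy() removes the stored data but leaves $_SESSION
		// populated for the rest of the request, so clear it explicitly.
		$_SESSION = array();
		session_destroy();
		go('index.php');
	}
	
	/**
	 * Change the password of the logged-in user.
	 *
	 * Reads $_POST['oldpwd'], $_POST['pwd1'] and $_POST['pwd2'] and reports the
	 * outcome through showMessage().
	 */
	public function updatepwd(){
		
		// Without a logged-in user there is no record to verify against.
		if (!isset($_SESSION['ads']['user']) || !is_object($_SESSION['ads']['user'])) {
			go('index.php');
			return;
		}
		$userInfo = $_SESSION['ads']['user'];
		
		// Missing or non-string fields are treated as empty strings.
		$oldpwd = (isset($_POST['oldpwd']) && is_string($_POST['oldpwd'])) ? $_POST['oldpwd'] : '';
		$pwd1 = (isset($_POST['pwd1']) && is_string($_POST['pwd1'])) ? $_POST['pwd1'] : '';
		$pwd2 = (isset($_POST['pwd2']) && is_string($_POST['pwd2'])) ? $_POST['pwd2'] : '';
		
		// Each rejection returns explicitly: showMessage() is defined outside
		// this file, and if it does not end the request the update below
		// would still run after a failed check.
		if (md5($oldpwd) !== (string)$userInfo->pwd) {
			$this->showMessage('?do=login.view', 'user_password_wrong');
			return;
		}
		
		// The two entries must be identical; != treats numeric-looking strings
		// such as "1e3" and "1000" as equal.
		if ($pwd1 !== $pwd2) {
			$this->showMessage('?do=login.view', 'user_password_diff');
			return;
		}
		
		// Never store the hash of an empty password.
		if ($pwd1 === '') {
			$this->showMessage('?do=login.view', 'op_failure');
			return;
		}
		
		$newHash = md5($pwd1);
		
		$data = array(
			'pwd' => $newHash
		);
		
		$where = array(
			'id' => $userInfo->id
		);
		
		$userModel = new userModel();
		$number = $userModel->modify($data, $where);
			
		if($number > 0){
			// Keep the cached record in step with the database; otherwise the
			// next change in this session is checked against the old hash.
			$_SESSION['ads']['user']->pwd = $newHash;
			$this->showMessage('?do=login.view', 'op_success');
		}else{
			$this->showMessage('?do=login.view', 'op_failure');
		}
	}
	
}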


?>